PT-2010-1227 · Gnu · Gnutls
Satyakumar
·
Publicado
2010-05-24
·
Atualizado
2023-02-13
·
CVE-2006-7239
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
GnuTLS versions prior to 1.4.2
Description
The issue allows remote attackers to cause a denial of service (crash) via a crafted X.509 certificate that uses a hash algorithm not supported by GnuTLS, triggering a NULL pointer dereference in the
gnutls x509 oid2mac algorithm function.Recommendations
For versions prior to 1.4.2, update to version 1.4.2 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gnutls